Web-based method and system for applying a legally enforceable signature on an electronic document

ABSTRACT

A web-based method and system for applying a legally enforceable signature of a user on an electronic document. The user accesses a web environment from a secure electronic system having verified his identity. Once in this web environment, the user is presented with a web-based representation of the document, and with legal disclosure and consent information related to the signing process. The user must agree with all of the information presented to him before his signature is applied to the document. A process log of the signing is kept for future reference.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application is a continuation application of U.S.application Ser. No. 10/022,559, filed Dec. 14, 2001, entitled“WEB-BASED METHOD AND SYSTEM FOR APPLYING A LEGALLY ENFORCEABLESIGNATURE ON AN ELECTRONIC DOCUMENT,” which claims the benefit of U.S.Provisional Patent Application No. 60/291,616, filed May 18, 2001,entitled “WEB-BASED PROCESS FOR THE ELECTRONIC SIGNING OFLEGALLY-BINDING DOCUMENTS,” and the benefit of U.S. Provisional PatentApplication No. 60/255,133, filed Dec. 14, 2000, entitled “METHOD ANDSYSTEM FOR ELECTRONICALLY GENERATING AND SIGNING DOCUMENTS AND RECORDSIN A WEB ENVIRONMENT,” all of which are hereby incorporated by referencein their entireties.

FIELD OF THE INVENTION

The present invention relates to the electronic signing of documents,and more particularly concerns a web-based process and system allowingthe legally enforceable signing of documents in a web environment, whichdoes not require the user to install any special signing software on hissystem.

BACKGROUND OF THE INVENTION

In the Web e-commerce world, physical handwritten signatures are oftenconsidered an unnecessary burden to a process that users expect to befast, easy, and reliable. An increasing number of businesses are engagedin Web-based e-commerce activities and require the legal signing ofcontractual documents or records as part of delivering their Web-basedservices. These types of applications are prevalent in financialservices that are affected by the E-Sign law. In this environment, userscurrently go to the service provider's Web site and are required todownload and print documents, physically sign them, and send the signeddocuments back to the service provider either by Fax or mail. Thisresults in added delays, increased costs, and additional manualprocessing on the part of the service provider. Web-based serviceproviders or operators of Web sites would prefer to have their customersreview and legally sign any required contractual documents or recordsdirectly and in real-time on their Web site, where users would only needa Web browser to complete the transaction as quickly as possible.

To understand what “signing” means, one needs to consider the UniformCommercial Code (UCC) which defines a signature as a mark or symbol ofthe signer's intention to authenticate a written document. TheElectronic signatures in The Global and National Commerce Act (a.k.a.E-Sign law) defines an electronic signature as an electronic sound,symbol, or process, attached to or logically associated with a contractor other record and executed or adopted by a person with the intent tosign the record. Therefore, an electronic signature can be representedby one's name that is typed into a Microsoft Word document or byclicking on an “I Agree” button at the end of a series of Web pages, aslong as the act of signing is somehow attached to or associated with thecontract or record and with the person who is signing.

Either of these methods would be ideal on the Web. However, withoutsecurity to protect the attachment or the association of the signatureto the document or record that it is authenticating, it will not beconsidered reliable and the contract would not be legally enforceable.This invention provides the equivalent of a legally-enforceable “IAgree” button or a typed name and signing process that is securedthrough PKI technology or other means without the complexity of issuingdigital certificates to each user who needs to sign and then having tomanage all these digital certificates.

To date, having a secure electronic signature meant providing eachsigner with a unique, secure identifier that was used to sign throughcryptographic techniques. Such an approach is difficult to implement anduse. The present invention separates the “signing” and security into twoseparate functions and leverages the fact that Web sites using thisinvention will be able to create and maintain their own uniqueidentifier for the signer where this unique identifier is used by thisinvention to electronically sign the document. Security is then appliedin a unique manner that is optimized for this Web environment.

SUMMARY OF THE INVENTION

In accordance with a first aspect of the invention, there is provided aweb-based method for applying a legally enforceable signature of a useron an electronic document, the signing of said document occurring in aweb environment. The method includes the following steps:

-   a) having the user access the web environment from a secure    electronic system, said secure system having verified the identity    of the user;-   b) having the user sign the electronic document in said web    environment, said signing comprising the substeps of:    -   i) presenting the user with a web-based representation of the        document;    -   ii) presenting the user with legal information related to said        signing, and getting agreement from the user of said legal        information; and    -   iii) upon agreement from the user of the legal information,        applying said signature of the user on said document;-   c) generating a process log of the signing of step b) and securely    associating said process log with the document as signed; and-   d) making the document as signed available to the user.

In accordance with another aspect of the invention, there is providedanother web-based method for applying a legally enforceable signature ofa user on an electronic document. The signing of said document occurs ina web environment, and the method includes the steps of:

-   a) having the user access the web environment from a secure    electronic system, said secure system having verified an identity of    the user;-   b) having the user sign the electronic document in said web    environment, said signing comprising the substeps of:    -   i) presenting the user with legal information related to said        signing, and getting agreement from the user of said legal        information;    -   ii) presenting the user with a web-based representation of the        document;    -   iii) getting confirmation from the user that the document is to        be signed; and    -   iv) applying said signature of the user on said document;-   c) generating a process log of the signing of step b) and securely    associating said process log with the document as signed; and

d) making the document as signed available to the user.

According to yet another aspect of the invention, there is provided asystem for applying a legally enforceable signature of a user on anelectronic document in a web environment.

The system first includes accessing means for accessing the webenvironment from a secure electronic system.

The system according to this aspect of the invention also includes aplurality of modules. A document-rendering module is provided forpresenting the user with a web-based representation of the document.Also provided is a legal disclosure module for presenting the user, inthe web environment, with legal information related to electronicallysigning the document, and for obtaining agreement from the user of thislegal information. A document approval module for providing thesignature of the user to the document, upon agreement from the user ofthe legal information, is also provided. The system further includes aprocess log module for generating a process log of the signing of thedocument and securely associating this process log with the document assigned. Finally, a document distribution module for making the documentas signed available to the user is also provided.

Other features and advantages of the present invention will be betterunderstood upon reading of preferred embodiments thereof, with referenceto the appended drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flow chart illustrating the interactions between some of thekey modules that are part of a system according to a preferredembodiment of the invention.

FIGS. 2A to 2D define together the flow chart of a method according to apreferred embodiment of the invention.

FIG. 3 illustrates various modules according to an embodiment of theinvention more elaborate than the embodiment of FIG. 1. FIG. 4illustrates a preferred embodiment of the invention put into practice.

DESCRIPTION OF PREFERRED EMBODIMENTS OF THE INVENTION

The present invention is a new and unique concept in the implementationof electronic signatures over the World Wide Web. It addresses such aneed where users can sign legally enforceable documents and records onthe Web using only a Web browser. Therefore, the process of “signing” ispreferably aligned with the purpose and structure of the serviceprovider's Web site. No components are required to be installed or setupon the user's desktop and all user interactions and the requiredsignatures occur within the Web browser. The term “document” is usedherein in a very broad sense and can be a traditional electronicdocument (e.g. Microsoft Word or Excel, Adobe PDF, etc.) an HTML or XMLpage or form, a template and associated data elements, a scanned imageof a paper document, etc. The document to be signed may be viewed in abrowser, but is likely to begin and/or end in a traditional format suchas MS Word or Adobe Acrobat, as well as Web-based formats such as HTMLand XML. User identification is assumed to come from the serviceprovider's Web site or through an ancillary Web service used by theservice provider. This ensures that the service provider or operator ofthe Web site has properly identified the user to its satisfaction andaccess to the Web site is then considered secure.

Referring to FIG. 1, there is shown a system 10 for applying a legallyenforceable signature of a user on an electronic document in a webenvironment, according to a first preferred embodiment of the presentinvention. This system 10 preferably consists of a set of modules thatcan be used in various combinations depending on the application that isrunning on the eCommerce Server of the service provider's Web site. Oneof the key advantages of the present system is that it is entirelyserver-based and it requires only a Web browser to be used on theend-user's desktop.

The system 10 first includes accessing means for accessing the webenvironment from a secure electronic system, such as a link 12 to thisweb environment. For example, the user may simply log onto a Web sitewhere she is a member and stores information that is unique about herwithin the context of that Web site (e.g. an account number). This website therefore defines the secure electronic system. Once within the Website, the user needs to sign a document, and simply click on a link thatleads to the web environment of the invention. This web environmentcould physically be a part of the secure electronic system, or remotelyconnected thereto by a secure connection. In another preferredembodiment, the user's Internet service provider itself could define thesecure electronic system. It is therefore assumed that the eCommerceServer at the service provider's Web site where the electronic signingtakes place has already identified the signer to its satisfaction. Thismay be accomplished by a variety of methods including the fact that thesigner has been carrying out other transactions from this Web site andis verified by the service provider to in fact be that person.

A document-rendering module 14 for presenting the user with a web-basedrepresentation of said document is also provided. This module allows theWeb site to automatically prepare a document to present to the userthrough the Web browser. The Web site may need to retrieve the prepareddocument from a document storing location through appropriate retrievingmeans, or it creates the document on the fly using templates. A DocumentCustomization Module 16, cooperating with the document-rendering module,is preferably provided for this purpose. Preferably, the Documentrendering Module 14 prepares the document in HTML format so that it maybe presented to the user through his Web browser. Any appropriate meansto transform the document from a non-web format to such a web format maytherefore be provided as part of the document-rendering module. As aresult, the user is able to easily review the document prior to signingit. The document-rendering module preferably provides a “Sign” button atthe proper location in the document, so that clicking thereon may beginthe signing process.

The system 10 of the present invention also includes a legal disclosuremodule 20 for presenting the user, within the web environment, withlegal information related to electronically signing of the document, andfor obtaining agreement from the user of this legal information.Preferably, appropriate displaying means are used to display the legalinformation in a web-based medium, such as a series of Web pages ordialog boxes. The legal information aims to clearly notify the user ofthe signing that is about to take place and its purposes. The legalinformation preferably includes information about legal implications ofusing the ongoing process to electronically sign the document, or legaldisclosures related to the document itself. The disclosure informationalso preferably indicates what data or process is being used to createthe electronic signature. These pages may also provide all legaldisclosures and consent information that is required by the E-Sign orother legislation or regulation. The user is not allowed to proceed withthe actual electronic signing of the document unless he has agreed toall the legal information, by clicking on “I Agree” buttons orequivalents. Each element of the legal information may be agreed toindividually or as a group. Legal intent is therefore properlyestablished and consented to through these disclosure pages.

The system according to the present invention further includes adocument approval module 22, for actually applying the signature of theuser on the document upon agreement from the user of the legaldisclosure and consent information. To perform the signing, a specialsignature file is preferably used. In the preferred embodiment, aspecial signature file is automatically created by a User Binding Module24, using relevant data that is obtained from the secure electronicsystem. This data includes user-specific information uniquelyidentifying the user who is signing, and is preferably combined with thedigital certificate and private key of the service provider's eCommerceServer that is controlling the signing process. This user-specificinformation in the signature file can also include a captured electronicimage of the user's signature. Preferably, the document approval moduleembeds this signature file in the document, thereby effecting itssigning.

Also provided in the system 10 of the invention is a process log module26 for generating a process log of the signing, securely associated tothe document as signed. In the preferred embodiment, the process logmodule 26 captures a record of every step of the signing process, andtherefore further reduces the possibility of fraud. All the operation ofthe legal disclosure module and document approval module should in theminimum be included in this process, although during the course of theprocess leading up to and after the electronic signing, most if not allof the events in the process should preferably be recorded or observedsuch that at a later time they serve to support the act of signing. Theprocess log can then be used to reconstruct every Web page and step thatoccurred during the signing process, for future reference.

By stating that the process log is “securely associated to thedocument”, it is meant that measures are taken to ensure that the log isthe true rendition of the signing of a particular document. In thepreferred embodiment, a secure process authentication code uniquelyrepresenting the process log is embedded in the document as signed. Forexample, the secure process authentication code is embodied by a hash ofthe process log. Advantageously, this embodiment ensures that anytampering with the process log after the signing of the document wouldbe immediately detectable when accessing this log by comparing a hash ofthe log accessed with the one provided in the signed document.

Similarly, to prevent tampering of the document after its signing, asecure document authentication code uniquely representing the documentas signed, such as a hash of this document, is also embedded therein.

A Document Distribution Module 28 is finally provided for distributingthe electronically signed document or record to the user, and any otherparty involved in the signing. This will enable each party to have anidentical signed copy that can be used to avoid possible fraud in thefuture. This feature is advantageous in that when one signs alegally-enforceable document or record, this binding exists between twoor more parties and each party should ideally receive a copy of thesigned document or record within a reasonable period after thecompletion of the signing process such that they remember or can verifythat the contract (i.e. the electronically signed document or record) iswhat they have actually signed. This is effectively what happens todayon paper.

It is understood that the above description of the present system'sconstituent modules is provided at a high-level to assist in theunderstanding of the structure of this invention. Each of these modulesactually consists of many sub-components that are beyond the scope ofthis document due to their complexity. These sub-components include manyoptional capabilities such as a document store, a user password recoverymechanism, digital time stamping facility, and a digital notary.

Referring to FIG. 3, there are shown a few additional modules that mayfor example be added to the system 10 of the present invention.“Document Modules” may include a document management module 18 inaddition to the document customization module 16, the document-renderingmodule 14, the user binding module 24 and the document distributionmodule 28. The “Process Modules” include the above-described process logmodule 26, the document approval module 22, and additionally a hashingmodule 30, and a time stamping module 32. Tools such as a playbackmodule 34, a system management console module 36 or a softwareapplication to verify the document 38 may also be included. Otheroptional modules not shown in FIG. 3 include the following: identitymanagement module, reporting module, billing module, archival module,template creation & validation module, policy manager module, and uploadmodule.

In accordance with another aspect of the present invention, there isalso provided a web-based method for applying a legally enforceablesignature of a user on an electronic document, the signing of thisdocument occurring in a web environment. The method includes thefollowing steps:

-   a) having the user access the web environment from a secure    electronic system, this secure system having verified the identity    of the user;-   b) having the user sign the electronic document in the web    environment. The signing includes the following substeps:    -   i) presenting the user with a web-based representation of the        document. The document may be retrieved from a document storing        location or generated from a template. If the document is        originally in a non-web format, it is preferably transformed        into a web-compatible format;    -   ii) presenting the user with legal information related to the        signing operation, preferably through a series of web pages or        dialog boxes. The user must agree to this legal disclosure and        consent information to move on to the next step;    -   iii) upon agreement from the user of the legal information,        applying the signature of the user on said document. Preferably,        user-specific information is obtained from the secure electronic        system and included in a special signature file, defining the        electronic signature of the user that may include a captured        electronic image of the signer's signature. The user specific        information preferably includes a digital certificate and        private key of the electronic system on which the signing        process is being executed which are also associated to the        document; and-   c) generating a process log of the signing operation, and securely    associating this process log with the document. Ideally, this    process log allows the reconstruction of at least substeps b) i)    to b) iii) above as executed by the user. In the preferred    embodiment, a secure process authentication code such as a hash of    the process log is generated and embedded in the document as signed.-   d) making the document as signed available to the user and any other    parties concerned by said document. It may for example be e-mailed    or otherwise transmitted to him, or sent to a download page    accessible by all involved.

Preferably, an additional step of providing an audit trail of thesigning process inside the document is performed. Another possibleadditional step includes providing a secure document authentication codein the document, such as a hash thereof after signing.

It is understood that the particular order in which the steps andsubsteps of the method above are performed is not material to theinvention. For example, the legal disclosure and consent information maybe presented to the user before the electronic document itself. Anynumber of other immaterial modifications to the sequential order of thepresent method may equally be made.

Referring to FIGS. 2A to 2D, there is illustrated a more detailedembodiment of the method of the present invention identifying thedifferent components of a system that may be used to perform thismethod.

Referring to FIG. 2A, there is first illustrated the log in process ofthe user accessing the system. A log-in module is provided, ensuring asuccessful login of the user. The identity of the user is then checkedthrough a user authentication module. User specific information isavailable for this purpose. The document is then prepared usingtemplates, boilerplate text or user-specific information obtained fromthe system to which the user is logged on.

Referring to FIG. 2B, there is shown how the document, once ready, ispreferably stored in short-term document storage for future reference. Acopy of the document is rendered to HTML or any other method used by theWeb browser to which a “sign” button is added at an appropriatelocation. In this embodiment, the user first clicks on the sign buttonand is then taken to the legal disclosure and consent page or pageswhere the legal intent of the user is confirmed. The user may at thispoint go back to the Web browser rendition of the document to review itscontent again, if so desired. Once the user has agreed to all legalimplications of the signing process, the actual approved document iscreated. The document is fetched from short-term storage, the uniqueinformation about the user representing his signature is attachedthereto, and the document is preferably hashed, timestamped and signedusing the system's private key.

Referring to FIG. 2C, there is shown that the signed document is storedin long-term storage for future reference using the user's transactionid as unique key. From there, several options are possible. The documentmay be e-mailed to the user and any other interested party. It may beavailable for download and the user is automatically taken to thedownload page. Alternatively, an URL to the download page may bee-mailed to the user.

FIG. 2D illustrates the download process.

At each step of the method above, an archiving module keeps a record ofthe entire process. Preferably, this information is hashed and stored ina WORM log store. A digital notary provides a time stamp for each event.

It is understood that the embodiment of FIGS. 2A to 2D is given as anexample and is in no way limitative to the scope of the presentinvention.

Referring to FIG. 4, there is generally illustrated how the method andsystem of the present invention would for example appear to a userthereof. Other representations are possible.

The Web-Based e-Signing Process is used here in the context of amerchant's e-Commerce Web site where an electronic approval andsignature is required to complete a specific commercial transaction onthe Web. Once a customer has completed the execution of a particulare-Commerce transaction or process and is ready to electronically sign alegally enforceable contract, the merchant's e-Commerce Web siteperforms a hand-off to the e-Signing Process and provides all pertinentdata and information needed to generate the appropriate contract forapproval and signature. Once this hand-off is complete, the customer isguided through three major steps that represent the core e-SigningProcess.

1. Process, E-SIGN Law, and Legal Disclosures

The e-Signing process starts by clearly explaining the electronicsigning process that the customer is about to execute, providing a briefoverview of the E-SIGN law, and displaying the legal disclosures andconsent information required for that particular transaction orcontract(s). The presentation method depicted in FIG. 4 is based on theuse of tabs where each tab represents one of the following elements;

-   The Process tab explains the e-Signing process.-   The E-SIGN Law tab provides a brief overview of the E-SIGN law with    hyperlinks to other relevant information. This tab also has “I    CONSENT” and “I DO NOT CONSENT” buttons to capture the customer's    consent as required by the E-SIGN law.-   The Legal Disclosures tab presents all the required legal    disclosures and consent information (LD1, LD2, etc.). An unlimited    number of disclosures can be accommodated.

All tabs have a check mark to indicate to the customer which legaldisclosures and consent information have already been viewed or agreedto.

It should be noted that the choice of tabs in this figure represents oneimplementation method that is used here to illustrate the invention.Other methods are also possible and will not impact the scope,applicability, or innovative nature of this invention.

2. Contract Review and Approval

After reviewing all the information provided in step 1, the customerproceeds to the next step where the contracts are reviewed and approved.An unlimited number of contracts can be presented (C1, C2, C3, C4,etc.). After reviewing each contract, the customer can either agree ordisagree to the terms and conditions of a particular contract. Asbefore, all tabs have a check mark to indicate to the customer whichlegal disclosures and consent information have already been agreed ordisagreed to.

3. Legal Implications and Contract Signing

The last key step of the e-Signing process presents to the customer thelegal implications of proceeding with the electronically signing ofthese contracts. This step also presents all customer informationnecessary to explain the legal implications in the context of theexecuted transaction. It is this information that will be used toelectronically sign the contracts and bind the customer to thesecontracts based on a secure, tamper-proof, and non-refutable method asdescribed above. Once the customer has signed the contracts, controlreturns to the merchant's e-Commerce Web site based on a pre-definedhand-back protocol, which transfers status data indicating whichcontracts were successfully signed and which were not.

In parallel with the hand-back transfer of control to the merchant'se-Commerce Web site, the e-Signing Process provides the following:

-   Thanks customers for using the e-Signing process and informs them    that an e-mail will be sent to them, enabling them to download a    copy of the signed contracts for their records;-   Sends an e-mail to the customer with a link to the Download Page.    The Download Page enables customers to download a copy of the signed    contracts to be stored on their computers or printed. This page also    provides customers with the ability to download a software    application for verifying the authenticity of the signed contracts.    Customers will also be provided with information on the technology    requirements, both software and hardware, needed to view and print    the downloaded contracts.-   Upon viewing the technology requirements, customers will still have    the option to request paper copies of the contracts should they    decide to do so instead of proceeding with electronic contracts.

The uses and advantages of the present invention are not limited to theembodiments described above. As further examples, the three followingscenarios are considered for using the invention:

1. Signing of a Document by a New Member Enrolling to the eCommerceServer of the Service Provider's Web Site

In this case, the user is new to the service provider's Web site andwill need to sign a document as part of the enrolment to the site or toobtain a service from the site. For example, an online mortgage companyreceives an application from a new customer. The new customer needs toprovide information that will be used to identify himself. The newcustomer must then go through some kind of online identification processso that the online mortgage company can be certain that it will not bedefrauded. If the service is successful, then the new customer proceedswith the signing process using the eSigning Server. It is possible thatthe service provider chooses to post-identify the new customer. That is,the identity of the new customer is assumed until some later event takesplace such as submitting a check for payment that will serve to identifythis customer. This approach is not likely to work for all processessince it may not be possible to wait for such an event.

2. Signing of a Document by an Existing Member of the eCommerce Serverof the Service Provider's Web Site

Using the online brokerage Web site example, an existing member of thesite needs to sign some authorization documents. Since the trader is aknown member of the Web site, available identification information canbe used for the purpose of signing. The trader's ability to log in givesthem the right to sign. Signing can then proceed as described above withthe full knowledge that the user has already been securely andpositively identified.

3. Signing of a Document on a Related Web Site by an Existing Member ofthe eCommerce Server of the Service Provider's Web Site

In this case, an existing member of a Web site must sign documents at arelated, linked Web site. For example, an online banking site offersinsurance to its existing members through a link from its eCommerceServer. When the member is linked to the insurance company's Web site,this member is “introduced” to the insurance Web site by the onlinebanking Web site. The insurance Web site may then accept the identity ofthe online banking member without further verification and the member isnow able to sign documents on its Web site using the process describedabove. In this case, this invention provides a capability through theeSigning Server to securely transfer the identity of the existing memberto the related Web site. It is also possible for the eSigning Server ofthe online banking Web site to allow its members to sign an insurancecompany's documents on its Web site without the need to transfer themember and associated identity to the insurance company's Web site.

Business applications for this present invention are numerous in thefinancial services area as well as other service providers or businessesrequiring the legal signing of contractual documents controlled throughtheir Web sites. In the financial services area, applications includeinsurance applications, insurance claims, securities transactionauthorizations, mortgages, loans, leases, banking authorizations, andmany other types of documents that require legally enforceablesignatures. Outside of financial services, applications include generalbusiness contracts, non-disclosure agreements, proposals, bids, andresponse to RFPs. An example of a typical application would be an onlinebrokerage Web site where members are required to sign authorizationdocuments to allow for the transfer of funds or for opening new mutualfund accounts. In order to maintain control over these Web-baseddocuments, they would generally be maintained at the Web site of thebrokerage firm. Since these documents need to be signed, the serviceprovider or

Web site operator cannot burden the users by requiring the creation ofspecial signatures or the installation of special software on theirdesktops in order to identify themselves for the purpose ofelectronically signing such documents.

In addition to the applicability of this invention to the signing ofWeb-based, legally-enforceable documents in various industries (e.g.financial, pharmaceutical, government, legal, engineering,manufacturing, etc.), other possible uses for this invention includeWeb-based marketing, content source insurance, self-branding,cross-branding, syndication, digital rights protection, personalization,collaboration, gaming, and a wide range of emerging distributed orpeer-to-peer applications, to name a few.

In summary, this invention replaces a regular “I Agree” button or atyped name in Web pages by a process containing one or more “I Agree”buttons where that process sufficiently demonstrates the signer's intentduring the electronic signing process. Of course, the expression “IAgree” is given here by way of example as any other appropriateformulation could laternatively be used. The invention is alsocompatible with the capture of the signer's signature as an electronicimage to be applied to the signed document. Furthermore, this inventionalso provides for the collection and securing of digital data aselectronic evidence such that the signing process may be consideredlegally enforceable or legally binding.

Of course, numerous changes and modifications may be made to theembodiments described above without departing from the scope of theinvention as defined in the appended claims.

What is claimed is:
 1. A web-based method for applying signature of auser on an electronic document in a web environment such that saidsignature of the user is legally enforceable, said method comprising thesteps of: a) having the user access the web environment from a secureelectronic system, said secure system having verified the identity ofthe user; b) having the user sign the electronic document in said webenvironment, thereby signing said electronic document, said signingbeing server-based and comprising the substeps of: i) presenting theuser with a web-based representation of the electronic document; ii)presenting the user with legal information related to said signing, andgetting agreement from the user of said legal information; and iii) uponagreement from the user of the legal information, applying saidsignature of the user on said electronic document; c) generating aprocess log of the signing of step b), said process log allowing thereconstruction of substeps b) i) to b) iii) as executed by said user,and securely associating said process log with the electronic documentas signed, said securely associating comprising the substeps of: i)generating a secure process authentication code uniquely representingsaid process log; and ii) embedding said process authentication code insaid electronic document as signed, thereby securely associating saidprocess log and electronic document; and d) making the electronicdocument as signed available to the user.
 2. A method according to claim1, wherein substep b) i) comprises retrieving said electronic documentfrom a document storing location.
 3. A method according to claim 1,wherein substep b) i) comprises generating said electronic document froma template.
 4. A method according to claim 1, wherein substep b) i)comprises transforming said electronic document from a non-web format toa web-format.
 5. A method according to claim 1, wherein, in step b) ii),said legal information comprises information about legal implications ofthe signing of the electronic document.
 6. A method according to claim1, wherein, in step b) ii), said legal information comprises legaldisclosures related to said electronic document.
 7. A method accordingto claim 1, wherein substep b) ii) comprises presenting said legalinformation in a series of web pages.
 8. A method according to claim 1,wherein substep b) ii) comprises presenting said legal information in aseries of dialog boxes.
 9. A method according to claim 1, whereinsubstep b) iii) comprises associating user-specific information to saidelectronic document.
 10. A method according to claim 9, wherein, insubstep b) iii), said user-specific information is included in a specialsignature file defining the signature of the user.
 11. A methodaccording to claim 9, wherein substep b) iii) further comprisesassociating a digital certificate and private key to the electronicdocument.
 12. A method according to claim 9, wherein substep b) iii)further comprises obtaining said user-specific information from thesecure electronic system.
 13. A method according to claim 1, whereinstep c) further comprises storing said process log in a log database.14. A method according to claim 1, wherein, in step c) ii), said secureprocess authentication code is a hash of said process log.
 15. A methodaccording to claim 1, comprising an additional step before step d) ofproviding an audit trail of the signing of step b) in the electronicdocument as signed.
 16. A method according to claim 15, wherein saidadditional step comprises including a secure document authenticationcode uniquely representing said electronic document as signed in saidaudit trail.
 17. A method according to claim 16, wherein said additionalstep further comprises storing said secure document authentication codein a database.
 18. A method according to claim 16, wherein saidadditional step further comprises generating a hash of said electronicdocument as signed defining the secure document authentication code. 19.A method according to claim 1, comprising an additional step before stepd) of embedding a secure document authentication code uniquelyrepresenting the electronic document as signed inside said electronicdocument.
 20. A method according to claim 1, wherein step d) comprisestransmitting a copy of the electronic document as signed to the user.21. A method according to claim 1, wherein step d) comprises enablingthe user to download the electronic document as signed.
 22. A methodaccording to claim 1, wherein step d) further comprises making theelectronic document as signed available to at least one additional partyconcerned by said electronic document.
 23. A web-based method forapplying a signature of a user on an electronic document in a webenvironment such that said signature of the user is legally enforceable,said method comprising the steps of: a) having the user access the webenvironment from a secure electronic system, said secure system havingverified an identity of the user; b) having the user sign the electronicdocument in said web environment, thereby signing said electronicdocument, said signing being server-based and comprising the substepsof: i) presenting the user with legal information related to saidsigning, and getting agreement from the user of said legal information;ii) presenting the user with a web-based representation of theelectronic document; iii) getting confirmation from the user that theelectronic document is to be signed; and iv) applying said signature ofthe user on said electronic document; c) generating a process log of thesigning of step b), said process log allowing the reconstruction ofsubsteps b) i) to b) iv) as executed by said user, and securelyassociating said process log with the electronic document as signed,said securely associating comprising the substeps of: i) generating asecure process authentication code uniquely representing said processlog; and ii) embedding said process authentication code in saidelectronic document as signed, thereby securely associating said processlog and electronic document; and d) making the electronic document assigned available to the user.
 24. A method according to claim 23,wherein, in step b) i), said legal information comprises informationabout legal implications of the signing of the electronic document. 25.A method according to claim 23, wherein, in step b) i), said legalinformation comprises legal disclosures related to said electronicdocument.
 26. A method according to claim 23, wherein substep b) i)comprises presenting said legal information in a series of web pages.27. A method according to claim 23, wherein substep b) i) comprisespresenting said legal information in a series of dialog boxes.
 28. Amethod according to claim 23, wherein substep b) ii) comprisesretrieving said document from a electronic document storing location.29. A method according to claim 23, wherein substep b) ii) comprisesgenerating said electronic document from a template.
 30. A methodaccording to claim 23, wherein substep b) ii) comprises transformingsaid electronic document from a non-web format to a web-format.
 31. Amethod according to claim 23, wherein substep b) iv) comprisesassociating user-specific information to said electronic document.
 32. Amethod according to claim 31, wherein, in substep b) iv), saiduser-specific information is included in a special signature filedefining the signature of the user.
 33. A method according to claim 31,wherein substep b) iv) further comprises associating a digitalcertificate and private key to the electronic document.
 34. A methodaccording to claim 31, wherein substep b) iv) further comprisesobtaining said user-specific information from the secure electronicsystem.
 35. A method according to claim 23, wherein step c) furthercomprises storing said process log in a log database.
 36. A methodaccording to claim 23, wherein, in step c) ii), said secure processauthentication code is hash of said process log.
 37. A method accordingto claim 23, comprising an additional step before step d) of providingan audit trail of the signing of step b) in the electronic document assigned.
 38. A method according to claim 37, wherein said additional stepcomprises including a secure document authentication code uniquelyrepresenting said electronic document as signed in said audit trail. 39.A method according to claim 38, wherein said additional step furthercomprises storing said secure document authentication code in adatabase.
 40. A method according to claim 38, wherein said additionalstep further comprises generating a hash of said electronic document assigned defining the secure document authentication code.
 41. A methodaccording to claim 23, comprising an additional step before step d) ofembedding a secure document authentication code uniquely representingthe electronic document as signed inside said electronic document.
 42. Amethod according to claim 23, wherein step d) comprises transmitting acopy of the electronic document as signed to the user.
 43. A methodaccording to claim 23, wherein step d) comprises enabling the user todownload the electronic document as signed.
 44. A method according toclaim 23, wherein step d) further comprises sending a copy of theelectronic document as signed to at least one additional party concernedby said electronic document.
 45. A system for applying a signature of auser on an electronic document in a web environment such that saidsignature of the user is legally enforceable, said system comprising:accessing means for accessing said web environment from a secureelectronic system; a document-rendering module for presenting the userwith a web-based representation of said electronic document; a legaldisclosure module for presenting the user, in said web environment, withlegal information related to electronically signing said electronicdocument, and for obtaining agreement from the user of said legalinformation; a document approval module for providing the signature ofthe user to the electronic document upon agreement from the user of thelegal information, thereby signing said electronic document; a processlog module for generating a process log of the signing of the electronicdocument and securely associating said process log with the document assigned, said process log comprising reconstruction data for allowing thereconstruction of the presenting the user with said web-basedrepresentation of the document, of said presenting the user with saidlegal information, of said obtaining agreement from the user of saidlegal information and of said signing of the electronic document, saidprocess log module comprising means for generating a secure processauthentication code uniquely representing said process log, andembedding said secure process authentication code in said electronicdocument as signed, thereby securely associating said process log andelectronic document; and a document distribution module for making theelectronic document as signed available to the user, wherein saidaccessing means and said document-rendering, legal disclosure, documentapproval, process log and document distribution modules areserver-based.
 46. A system according to claim 45, wherein saiddocument-rendering module comprises retrieving means for retrieving saidelectronic document from a document storing location.
 47. A systemaccording to claim 45, further comprising a document customizationmodule cooperating with the document-rendering module for generatingsaid electronic document from a template.
 48. A system according toclaim 45, wherein said document-rendering module comprises transformingmeans for transforming said electronic document from a non-web format toa web-format.
 49. A system according to claim 45, wherein said legalinformation comprises information about legal implications of thesigning of the electronic document.
 50. A system according to claim 45,wherein said legal information comprises legal disclosures related tosaid electronic document.
 51. A system according to claim 45, whereinsaid legal disclosure module comprises displaying means for displayingsaid legal information in a web- based medium.
 52. A system according toclaim 51, wherein said web-based medium includes a plurality of webpages.
 53. A system according to claim 51, wherein said web-based mediumincludes a plurality of dialogue boxes.
 54. A system according to claim45, further comprising a user binding module cooperating with the secureelectronic system to obtain therefrom user- specific information,generating a special signature file using said user-specific informationand providing said special signature file to the document approvalmodule, said special signature file defining the signature of the user.55. A system according to claim 54, wherein said user-specificinformation comprises a digital certificate and private key.
 56. Asystem according to claim 45, wherein said means to generate a secureprocess authentication code comprise a hash module.
 57. A systemaccording to claim 45, further comprising an audit trail module forproviding an audit trail of the signing of the electronic document insaid electronic document as signed.
 58. A system according to claim 57,wherein said audit trail includes a secure document authentication codeuniquely representing said electronic document as signed.
 59. A systemaccording to claim 58, wherein the document authentication code is ahash of said electronic document as signed.
 60. A system according toclaim 45, wherein the document approval module comprises means forembedding a document authentication code uniquely representing theelectronic document as signed inside said document.
 61. A systemaccording to claim 45, wherein said document distribution modulecomprises means for transmitting a copy of the electronic document assigned to the user.
 62. A system according to claim 45, wherein saiddocument distribution module provides a copy of the electronic documentas signed to at least one additional party concerned by said electronicdocument.